You can use Security Center to protect your assets in the following scenarios:

  • If you have tens of Alibaba Cloud accounts and thousands of Elastic Compute Service (ECS) instances, you can use Security Center to manage your assets in a unified way and monitor your workloads in real time. Security Center also allows you to view the information about the vulnerabilities, threats, and attacks against your assets. If your assets contain vulnerabilities, attackers may exploit the vulnerabilities to compromise your asset security. Security Center can detect and fix the vulnerabilities on your assets. This reinforces your asset security and reduces the operations and maintenance (O&M) costs.
  • Security Center periodically detects vulnerabilities and performs baseline checks on your cloud services. In addition, Security Center can fix and monitor the detected vulnerabilities and items with risky configurations.
  • Security Center allows you to query web and host logs, and view the number of visits. In addition, Security Center enables you to collect and analyze the information about raw logs from different dimensions.
  • Security Center can monitor events such as AccessKey (AK) pair leaks, network intrusion, DDoS attacks, and bot attacks against Elastic Compute Service (ECS) instances. Security Center can also dynamically monitor ports that are open to ECS instances.
  • Security Center can trace the source of an intrusion event in an ECS instance, such as a webshell injection, a malware injection, and a ransomware activity. This allows you to analyze the cause and the whole process of an intrusion event.